ITEM_SCORED and ITEM_LEVEL in csv

[CenturionGamer]

ITEM_SCORED and ITEM_LEVEL are both blank in the results. This happened for multiple checks.

[w0rmr1d3r]

Hello @CenturionGamer !
Can you give us some images where that is failing?
How did you run Prowler?

Thanks!

[estemendoza]

Hi! I am having the same issue. I executed prowler like this: ./prowler -c check310 -M csv and then the CSV file looked like this:

[estemendoza]

I am no good with Bash, but could this be the issue? These lines are commented out

https://github.com/toniblyx/prowler/blob/e0f60114f4465205cf782aea108c521d84a7f78d/include/outputs#L240-L258

[CenturionGamer]

@w0rmr1d3r - Good morning! Thanks for responding to this issue. See the comment above from @estemendoza and the code he posted. I ran Prowler the same way as @estemendoza did.

[w0rmr1d3r]

Can we try again uncommenting those lines that @estemendoza says?

[estemendoza]

Hi @w0rmr1d3r, I tried enabling those lines and now they show up on the report, but they always show as "Unspecified", no matter what check I execute, so I think that doesn't solve the issue

[w0rmr1d3r]

Let's try another thing, can you try running Prowler, but without specific checks? Just with a group.
For instance, execute Prowler so it runs the whole IAM group and the output is csv. With those lines enabled!

Can you try that and tell us what does appear?

Thank you @estemendoza !

[estemendoza]

@w0rmr1d3r No problem, executed the following command: ./prowler -g group1 -M csv and same result

[toniblyx]

hey guys! My bad, I should have included that information in the release notes, sorry about that. I removed those fields because are only used by CIS checks, and now Prowler is way more than just CIS checks. The plan is to have another way to identify checks that belong to a particular standard or framework. If you think Scored/Not Scored and Level is really important for you, please let me know.

[CenturionGamer]

@toniblyx - Hey man! Thanks for the reply. I'll connect with @estemendoza and see how relevant those columns are, and if we need them.

[snotrauk]

The level is important for the CIS checks IMO. Would rather that stayed.

[toniblyx]

@shaunography yes, I kind of agree for CIS checks only. The plan is to change the way checks are related to security frameworks and regulations so that will change but the implementation is not clear yet in terms of checks metadata.

[toniblyx]

Hey @shaunography @estemendoza @CenturionGamer @w0rmr1d3r,

This will come back in version 3 with the reachitecture of checks and implementation of compliance related information per check. Item scored won't be included but CIS Level will.

[eprothro]

I agree keeping the CIS level / scored fields -- at least until there is a replacement available. Our compliance review requires being able to report on (and thus filter by) CIS Scored checks by level. Since these fields were removed with any kind of replacement we can't use the current version.

[toniblyx]

Watch out! I have added back CIS Level to the 2.5.1 branch that will be merged to master soon. It's added to CSV, HTML and JSON outputs.

[toniblyx]

Now this one can be closed :D

[toniblyx]

[eprothro]

Thank you for the quick consideration!

[toniblyx]

You are welcome, it is actually in branch 2.6, this has many changes and fixes that deserves a minor version instead.